package cn.tj212.xiaoyin.portal.controller;


import cn.tj212.xiaoyin.common.util.EncryptUtil;
import cn.tj212.xiaoyin.common.web.JsonView;
import cn.tj212.xiaoyin.common.web.SessionContext;
import cn.tj212.xiaoyin.core.auth.domain.AuthUser;
import cn.tj212.xiaoyin.core.auth.service.IAuthUserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.omg.CORBA.PUBLIC_MEMBER;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;

/**
 * Login and register
 */
@Controller
@RequestMapping("/auth")
public class AuthController {

    @Autowired
    private IAuthUserService authUserService;

    /**
     * 注册页面
     *
     * @return
     */
    @RequestMapping("/register")
    public ModelAndView register() {
        if (SessionContext.isLogin()) {
            return new ModelAndView("redirect:/index.html");
        }
        return new ModelAndView("auth/register");
    }

    /**
     * 实现注册
     *
     * @param authUser
     * @param identifyCode
     * @param request
     * @return
     */
    @RequestMapping("/doRegister")
    @ResponseBody
    public String doRegister(AuthUser authUser, String identifyCode, HttpServletRequest request) {
        //验证码判断
        if (identifyCode != null && !identifyCode.equalsIgnoreCase(SessionContext.getIdentifyCode(request))) {
            return JsonView.render(2);
        }

        AuthUser tmpUser = authUserService.getByUsername(authUser.getUsername());
        if (tmpUser != null) {
            return JsonView.render(1);
        } else {
            authUser.setPassword(EncryptUtil.encodeByMD5(authUser.getPassword()));
            authUserService.createSelectivity(authUser);
            return JsonView.render(0);
        }
    }

    @RequestMapping("/login")
    public ModelAndView login(){
        if (SessionContext.isLogin()){
            return new ModelAndView("redirect:index.html");
        }
        return new ModelAndView("redirect:auth/login");
    }

    @RequestMapping("/ajaxlogin")
    @ResponseBody
    public String ajaxLogin(AuthUser authUser,String identifyCode,Integer rememberMe,HttpServletRequest request){
        //验证码判断
        if (identifyCode!=null&&!identifyCode.equalsIgnoreCase(SessionContext.getIdentifyCode(request))){
            return JsonView.render(2,"验证码不正确！");
        }

        Subject currentUser=SecurityUtils.getSubject();
        UsernamePasswordToken token=new UsernamePasswordToken(authUser.getUsername(),EncryptUtil.encodeByMD5(authUser.getPassword()));
        try{
            if (rememberMe!=null&&rememberMe==1){
                token.setRememberMe(true);
            }
            currentUser.login(token);//shiro不抛出异常，登录成功
            return new JsonView().toString();
        }catch (AuthenticationException e){
            return JsonView.render(1,"用户名或密码不正确！");
        }
    }

    @RequestMapping("/doLogin")
    public ModelAndView doLogin(AuthUser user,String identifyCode,HttpServletRequest request){
        if (SessionContext.getAuthUser()!=null)
            return new ModelAndView("redirect:/user/home.html");
        //验证码判断
        if (identifyCode!=null&&!identifyCode.equalsIgnoreCase(SessionContext.getIdentifyCode(request))){
            ModelAndView mv=new ModelAndView("auth/login");
            mv.addObject("errcode",1);
            return mv;
        }
        UsernamePasswordToken token=new UsernamePasswordToken(user.getUsername(),EncryptUtil.encodeByMD5(user.getPassword()));
        try {
            Subject currentUser=SecurityUtils.getSubject();
            currentUser.login(token);
            return new ModelAndView("redirect:/user/home.html");
        }catch (AuthenticationException e){
            ModelAndView mv=new ModelAndView("auth/login");
            mv.addObject("errcode",2);
            return mv;
        }
    }

    @RequestMapping("/logout")
    public ModelAndView logout(HttpServletRequest request){
        SessionContext.shiroLogout();
        return new ModelAndView("redirect:/index.html");
    }
}
